Why do most of the missions are close to deprecated style

Learn how to do code review

Why do most of the missions are close to deprecated style

Post by RoYaL_BG on Sat Feb 15, 2014 6:49 pm
([msg=79491]see Why do most of the missions are close to deprecated style[/msg])

As one who uses PHP very often, I find the missions related to PHP in the stone age. I mean, there is lack of sites, web hostings, and newer versions of PHP that uses register_globals anymore. While most of the people blame PHP for any security reasons, why don't you refresh the missions with some of the newest PHP vulnerabilities
RoYaL_BG
New User
New User
 
Posts: 1
Joined: Wed Jul 18, 2012 6:45 pm
Blog: View Blog (0)


Re: Why do most of the missions are close to deprecated style

Post by Goatboy on Sun Feb 16, 2014 2:06 pm
([msg=79517]see Re: Why do most of the missions are close to deprecated style[/msg])

Those vulnerabilities are still out there. They still form the basis for newer attacks, and new programmers still make those mistakes. There is no reason not to teach an attack just because "it isn't used anymore". Sure it may not be as prevalent, but you can still find it.

And besides, I have always contended that teaching hacking is less about showing a specific set of vulnerabilities and how to exploit them, and more about teaching a frame of mind. By studying the old we can predict the new.

And there's always the laziness issue. Making new missions is hard, yo.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2819
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Why do most of the missions are close to deprecated style

Post by CovertMagic on Sat Mar 01, 2014 5:56 am
([msg=79698]see Re: Why do most of the missions are close to deprecated style[/msg])

I feel your pain, RoYaL_BG. There's a few elements of missions that I've never seen in the wild, only here at HTS!

Though I think Goatboy is right.

In the few occasions where I've been professionally asked to "de-hack" something, it's always some old php which is completely at odds with the stuff I write myself in the 21st century..

And unless you're in complete control of every server environment you work on (if so, I'm jealous) there'll always be clangers from the past left lying around, or plain old version incompatibility.

So it's a history/sociology lesson as well as computer science!
CovertMagic
New User
New User
 
Posts: 8
Joined: Fri Feb 21, 2014 6:23 pm
Blog: View Blog (0)


Re: Why do most of the missions are close to deprecated style

Post by cyberdrain on Sat Mar 01, 2014 3:53 pm
([msg=79701]see Re: Why do most of the missions are close to deprecated style[/msg])

Imho you're both missing the most important point Goatboy is making: hacking is a mindset, not a bag of tricks. Using previously found vulnerabilities you will understand and are able to find new ones better.
Free your mind / Think clearly
User avatar
cyberdrain
Contributor
Contributor
 
Posts: 969
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Why do most of the missions are close to deprecated style

Post by d1str0 on Sat Mar 01, 2014 6:09 pm
([msg=79702]see Re: Why do most of the missions are close to deprecated style[/msg])

Goatboy wrote:Making new missions is hard, yo.

Lots of this^

Also, updating old missions is tricky. By updating, we don't want to create holes in knowledge. There's a delicate balance between keeping things shiny and up-to-date and making sure everything we want to convey is, in fact, conveyed.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.

You may also know me as fas
User avatar
d1str0
New User
New User
 
Posts: 28
Joined: Thu Jan 30, 2014 5:38 pm
Blog: View Blog (0)



Return to Extended Basics

Who is online

Users browsing this forum: No registered users and 0 guests